security_1.jpg
 

What is the CIA Triad?

CIA Triad stands for Confidentiality, Integrity and Availability. The CIA triad is in fact an information security framework which outlines three important principals to a properly defined security program. Many believe cybersecurity is making sure passwords are set and encryption is used when data is in transit or stored somewhere, and they would be partially correct, but those measures mostly improve confidentiality. Traditional monitoring tools provide some measure of cybersecurity by improving on the availability of a system. Integrity is harder to achieve but plays an important part of forming a solid security framework. HiCLIFF monitoring technology is built with a focus on all three elements of the CIA triad. Let us examine exactly how HiCLIFF can help improve the overall security posture of an audiovisual communication system and why it is an essential element.

 

Confidentiality

First off, let us first define confidentiality in terms of audiovisual communication; confidentiality refers to an organization’s efforts to keep their data/media private or secret. It is about controlling access to data/media to prevent unauthorized disclosure. Let us explore some of the ways confidentiality can be jeopardized in an audiovisual communications system:

  • Data Loss via the unauthorized routing of media or eavesdropping

  • The adding of rogue hardware for the purpose of intercepting media on the network

  • Missing encryption of media data in transit over a network

  • Vulnerable operating systems, webservices, and open communication ports

  • Use of default passwords, weak or missing user authentication

  • Theft or removal of physical equipment that may contain intellectual property, trade secrets, etc


HiCLIFF’s Cybersecurity monitoring tools improve system confidentiality by providing a suite of features that address several of these potential vulnerabilities. System discovery as an example provides details on all the devices that make up the audiovisual system, any modifications to system topology will be detected and flagged. HiCLIFF’s vulnerability scanning tools can help identify missing or incorrect security setup of an asset. HiCLIFF’s media tracking capabilities make it possible to identify unauthorized media eavesdropping.

 

Integrity

Integrity is one of the more elusive elements of the CIA triad. Integrity is about ensuring that information/media is accurate and reliable. Making sure data has not been tampered with and therefore can be trusted. Media encryption plays a large role in ensuring integrity, however not all media routing solutions support it. HiCLIFF can help build integrity into media systems by logging the routing of media over the network to determine compliance. Compliance logs can further be used as a means of non-repudiation in a communication system, which is the inability to deny something has happened.

 

Availability

Availability is coincidently what traditional NMS monitoring tools help with in a limited capacity.  However, to ensure up time and availability in audiovisual systems, the tools must also work proactively to defend against outages. Availability therefore refers to ensuring authorized persons have access to the system when they are needed. Cyber threats come in many shapes and sizes, DoS (denial of service) as an example is when a bad actor purposefully causes a system or system component to fail or become unresponsive. DoS attacks may be perpetrated by someone who is attempting to disrupt business operations, it could also be an attempt to commandeer a publicly visible digital signage system as an example. In both cases, DoS inhibits the usefulness of the audiovisual system. HiCLIFF specializes in the monitoring of audiovisual components, including the hardware, software, media and the networks they run on. With a deep understanding and knowledge of these fundamental elements, HiCLIFF differentiates itself from other solutions by detecting anomalous behaviour specific to the audiovisual environment. HiCLIFF prescribes to the zero-trust cybersecurity posture, so whether the audiovisual network is segmented or converged, HiCliff should be deployed to monitor the operation of the audiovisual specific elements.


In summary, HiCLIFF’s mission is to defend audiovisual systems following the CIA triad framework. HiCLIFF’s cybersecurity monitoring tools are essential for any modern audiovisual communication system, and should be deployed anywhere confidentiality, integrity and availability are important.